This week I decided to test my hands on the log management tool from VMware i.e vrealize Log Insight. We have this tool in our production environment and have to jump into analysis of Alerts received from this tool. Due to lack of knowledge troubleshooting sometime becomes very difficult so I decided to deploy this in my lab and play around options.

What is vRealize Log Insight?

vRealize Log Insight is a log management tool that aggregates logs from various systems into one place.The cool aspect of Log Insight is that it supports the collection of logs either from VMware infrastructure (i.e. ESXi hosts) either from physical infrastructure (i.e. physical servers, physical switches, etc.) either from application (i.e. virtual/physical machines guest operating systems).

With the introduction of vCenter Log Insight (Later renamed as vRealize Log Insight) VMware joined the already crowded log analytics market. There are several other products in market such as Splunk, LogRhythm, Sumo Logic and Loggly which are used for data center log consolidation and analysis. The advantage of Log Insight is its seamless integration with other VMware products.

What is the advantage of using Log Insight?

Log Insight is used for operational analytics in traditional data center and cloud environments. It has the ability to discover emerging patterns and guide administrators to the root cause of problems.

Log Insight makes it possible to do all sorts of queries and analytics on the data retrieved. Log Insight is just not for vSphere or other Vmware products, but can interact with other products such as Microsoft OS, SQL Server, IIS Server, Sharepoint, the .NET CLR, networking/storage products from Cisco (ASA, Nexus), Arista, Brocade, EMC (VNX), NetApp, Synology and even for compute products from VCE and Cisco (UCS) via Management packs for these products.

As we all know VMware is known for acquiring the small companies and then re-design and rebrand the product under VMware name. Log Insight is no exception to this and is a result of VMware’s acquisition of Pattern Insight in August 2012.

The current version of Log Insight is 3.3.1 and is available for download in form of ova file from vmware.com.

How Log Insight works?

Log Insight is deployed as a virtual appliance in vSphere Infrastructure. The virtual appliance contains the Log Insight application installed on a SUSE Linux operating system and database. The Log Insight database is a special designed database and contains something called “just-in-time schema” which enables it to ingest syslog data from hundreds of syslog agents and store the unstructured data without modifying the database.

Log Insight appliance contains the customizable dashboards which gives a visual representation of what’s going on with infrastructure. Dashboard contains custom graphs of log events that are coming from different pieces of infrastructure.

If you want to know more about Log Insight product, I would encourage you to read following blogs:

Share this on Social Media

Like this:

LikeLoading...

Related

About Alex Hunt

Hi All
I am Manish Kumar Jha aka Alex Hunt. I am currently working in VMware Software India Pvt Ltd as Operations System Engineer (vCloud Air Operations).
I have around 5 Years of IT experience and have exposure on VMware vSphere, vCloud Director, RHEL and modern data center technologies like Cisco UCS and Cisco Nexus 1000v and NSX.
If you find any post informational to you please press like and share it across social media and leave your comments if you want to discuss further on any post.
Disclaimer:
All the information on this website is published in good faith and for general information purpose only. I don’t make any warranties about the completeness, reliability and accuracy of this information.
Any action you take upon the information you find on this blog is strictly at your own risk. The Views and opinions published on this blog are my own and not the opinions of my employer or any of the vendors of the product discussed.